CIP-dev Archive on lore.kernel.org
 help / color / Atom feed
* [cip-dev] Backporting of security patches for Intel i40e drivers required?
@ 2020-10-08  9:42 masashi.kudo
  2020-10-09  0:23 ` Nobuhiro Iwamatsu
  0 siblings, 1 reply; 6+ messages in thread
From: masashi.kudo @ 2020-10-08  9:42 UTC (permalink / raw)
  To: cip-dev; +Cc: jan.kiszka


[-- Attachment #1: Type: text/plain, Size: 662 bytes --]

Hi, Jan-san, All,

At the IRC meeting today, we identified the following new CVEs are not in LTS4.4 yet.

- CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for mainline and 4.19+

These are for i40e driver for Intel.

The kernel team would like to know whether their backporting is needed or not.

For details of those CVE checking results, please see the following.
https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requests/75/diffs

Regarding the discussion of the IRC meeting, please see the following.
https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.log.html

Best regards,
--
M. Kudo

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5514): https://lists.cip-project.org/g/cip-dev/message/5514
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [cip-dev] Backporting of security patches for Intel i40e drivers required?
  2020-10-08  9:42 [cip-dev] Backporting of security patches for Intel i40e drivers required? masashi.kudo
@ 2020-10-09  0:23 ` Nobuhiro Iwamatsu
  2020-10-09  7:24   ` Jan Kiszka
  0 siblings, 1 reply; 6+ messages in thread
From: Nobuhiro Iwamatsu @ 2020-10-09  0:23 UTC (permalink / raw)
  To: cip-dev; +Cc: jan.kiszka


[-- Attachment #1: Type: text/plain, Size: 2709 bytes --]

Hi,

I have some comment for this issue.
  https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021006.html
  https://lore.kernel.org/stable/20200807205517.1740307-1-jesse.brandeburg@intel.com/

There are multiple patches fixed for 4.19, which can be separated by feature.

 - i40e: add num_vectors checker in iwarp handler

     This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
     e3219ce6a7754 is not included in 4.4.y and can be ignored.

 - i40e: Wrong truncation from u16 to u8
   This can be apply in 4.4.y.

 - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c

   This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter").
   It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied.

--- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
@@ -181,7 +181,7 @@ static inline bool i40e_vc_isvalid_vsi_id(struct
i40e_vf *vf, u16 vsi_id)
  * check for the valid queue id
  **/
 static inline bool i40e_vc_isvalid_queue_id(struct i40e_vf *vf, u16 vsi_id,
-                        u8 qid)
+                        u16 qid)
 {
     struct i40e_pf *pf = vf->pf;
     struct i40e_vsi *vsi = i40e_find_vsi_from_id(pf, vsi_id);


 - i40e: Memory leak in i40e_config_iwarp_qvlist
   This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
   e3219ce6a7754 is not included in 4.4.y and can be ignored.

Best regards,
  Nobuhiro

> -----Original Message-----
> From: cip-dev@lists.cip-project.org [mailto:cip-dev@lists.cip-project.org] On Behalf Of
> masashi.kudo@cybertrust.co.jp
> Sent: Thursday, October 8, 2020 6:43 PM
> To: cip-dev@lists.cip-project.org
> Cc: jan.kiszka@siemens.com
> Subject: [cip-dev] Backporting of security patches for Intel i40e drivers required?
> 
> Hi, Jan-san, All,
> 
> At the IRC meeting today, we identified the following new CVEs are not in LTS4.4 yet.
> 
> - CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for mainline and 4.19+
> 
> These are for i40e driver for Intel.
> 
> The kernel team would like to know whether their backporting is needed or not.
> 
> For details of those CVE checking results, please see the following.
> https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requests/75/diffs
> 
> Regarding the discussion of the IRC meeting, please see the following.
> https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.log.html
> 
> Best regards,
> --
> M. Kudo

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5515): https://lists.cip-project.org/g/cip-dev/message/5515
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [cip-dev] Backporting of security patches for Intel i40e drivers required?
  2020-10-09  0:23 ` Nobuhiro Iwamatsu
@ 2020-10-09  7:24   ` Jan Kiszka
  2020-10-12  9:27     ` masashi.kudo
  2020-10-14 14:13     ` Pavel Machek
  0 siblings, 2 replies; 6+ messages in thread
From: Jan Kiszka @ 2020-10-09  7:24 UTC (permalink / raw)
  To: nobuhiro1.iwamatsu, cip-dev


[-- Attachment #1: Type: text/plain, Size: 3036 bytes --]

Hi all,

given the exposure of such a device but also the fact that I can't tell
for sure if/where it's used (not only by us), I would recommend backporting.

Jan

On 09.10.20 02:23, nobuhiro1.iwamatsu@toshiba.co.jp wrote:
> Hi,
> 
> I have some comment for this issue.
>   https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021006.html
>   https://lore.kernel.org/stable/20200807205517.1740307-1-jesse.brandeburg@intel.com/
> 
> There are multiple patches fixed for 4.19, which can be separated by feature.
> 
>  - i40e: add num_vectors checker in iwarp handler
> 
>      This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
>      e3219ce6a7754 is not included in 4.4.y and can be ignored.
> 
>  - i40e: Wrong truncation from u16 to u8
>    This can be apply in 4.4.y.
> 
>  - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
> 
>    This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter").
>    It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied.
> 
> --- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> +++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> @@ -181,7 +181,7 @@ static inline bool i40e_vc_isvalid_vsi_id(struct
> i40e_vf *vf, u16 vsi_id)
>   * check for the valid queue id
>   **/
>  static inline bool i40e_vc_isvalid_queue_id(struct i40e_vf *vf, u16 vsi_id,
> -                        u8 qid)
> +                        u16 qid)
>  {
>      struct i40e_pf *pf = vf->pf;
>      struct i40e_vsi *vsi = i40e_find_vsi_from_id(pf, vsi_id);
> 
> 
>  - i40e: Memory leak in i40e_config_iwarp_qvlist
>    This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
>    e3219ce6a7754 is not included in 4.4.y and can be ignored.
> 
> Best regards,
>   Nobuhiro
> 
>> -----Original Message-----
>> From: cip-dev@lists.cip-project.org [mailto:cip-dev@lists.cip-project.org] On Behalf Of
>> masashi.kudo@cybertrust.co.jp
>> Sent: Thursday, October 8, 2020 6:43 PM
>> To: cip-dev@lists.cip-project.org
>> Cc: jan.kiszka@siemens.com
>> Subject: [cip-dev] Backporting of security patches for Intel i40e drivers required?
>>
>> Hi, Jan-san, All,
>>
>> At the IRC meeting today, we identified the following new CVEs are not in LTS4.4 yet.
>>
>> - CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for mainline and 4.19+
>>
>> These are for i40e driver for Intel.
>>
>> The kernel team would like to know whether their backporting is needed or not.
>>
>> For details of those CVE checking results, please see the following.
>> https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requests/75/diffs
>>
>> Regarding the discussion of the IRC meeting, please see the following.
>> https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.00.log.html
>>
>> Best regards,
>> --
>> M. Kudo

-- 
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5516): https://lists.cip-project.org/g/cip-dev/message/5516
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [cip-dev] Backporting of security patches for Intel i40e drivers required?
  2020-10-09  7:24   ` Jan Kiszka
@ 2020-10-12  9:27     ` masashi.kudo
  2020-10-14 14:13     ` Pavel Machek
  1 sibling, 0 replies; 6+ messages in thread
From: masashi.kudo @ 2020-10-12  9:27 UTC (permalink / raw)
  To: cip-dev, nobuhiro1.iwamatsu


[-- Attachment #1: Type: text/plain, Size: 3740 bytes --]

Hi, Jan-san,

Thanks for your response.

Best regards,
--
M. Kudo

> -----Original Message-----
> From: cip-dev@lists.cip-project.org <cip-dev@lists.cip-project.org> On Behalf Of
> Jan Kiszka
> Sent: Friday, October 9, 2020 4:24 PM
> To: nobuhiro1.iwamatsu@toshiba.co.jp; cip-dev@lists.cip-project.org
> Subject: Re: [cip-dev] Backporting of security patches for Intel i40e drivers
> required?
> 
> Hi all,
> 
> given the exposure of such a device but also the fact that I can't tell for sure
> if/where it's used (not only by us), I would recommend backporting.
> 
> Jan
> 
> On 09.10.20 02:23, nobuhiro1.iwamatsu@toshiba.co.jp wrote:
> > Hi,
> >
> > I have some comment for this issue.
> >
> https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021
> 006.html
> >
> > https://lore.kernel.org/stable/20200807205517.1740307-1-jesse.brandebu
> > rg@intel.com/
> >
> > There are multiple patches fixed for 4.19, which can be separated by feature.
> >
> >  - i40e: add num_vectors checker in iwarp handler
> >
> >      This issue has been produced by e3219ce6a7754 ("i40e: Add support for
> client interface for IWARP driver").
> >      e3219ce6a7754 is not included in 4.4.y and can be ignored.
> >
> >  - i40e: Wrong truncation from u16 to u8
> >    This can be apply in 4.4.y.
> >
> >  - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
> >
> >    This issue has been produced by e284fc280473b ("i40e: Add and delete
> cloud filter").
> >    It is not included in 4.4.y. However, this patch has several different fixes, so
> some patches need to be applied.
> >
> > --- a/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> > +++ b/drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c
> > @@ -181,7 +181,7 @@ static inline bool i40e_vc_isvalid_vsi_id(struct
> > i40e_vf *vf, u16 vsi_id)
> >   * check for the valid queue id
> >   **/
> >  static inline bool i40e_vc_isvalid_queue_id(struct i40e_vf *vf, u16 vsi_id,
> > -                        u8 qid)
> > +                        u16 qid)
> >  {
> >      struct i40e_pf *pf = vf->pf;
> >      struct i40e_vsi *vsi = i40e_find_vsi_from_id(pf, vsi_id);
> >
> >
> >  - i40e: Memory leak in i40e_config_iwarp_qvlist
> >    This issue has been produced by e3219ce6a7754 ("i40e: Add support for
> client interface for IWARP driver").
> >    e3219ce6a7754 is not included in 4.4.y and can be ignored.
> >
> > Best regards,
> >   Nobuhiro
> >
> >> -----Original Message-----
> >> From: cip-dev@lists.cip-project.org
> >> [mailto:cip-dev@lists.cip-project.org] On Behalf Of
> >> masashi.kudo@cybertrust.co.jp
> >> Sent: Thursday, October 8, 2020 6:43 PM
> >> To: cip-dev@lists.cip-project.org
> >> Cc: jan.kiszka@siemens.com
> >> Subject: [cip-dev] Backporting of security patches for Intel i40e drivers
> required?
> >>
> >> Hi, Jan-san, All,
> >>
> >> At the IRC meeting today, we identified the following new CVEs are not in
> LTS4.4 yet.
> >>
> >> - CVE-2019-0145, CVE-2019-0147, CVE-2019-0148 [net/i40e] - Fixed for
> >> mainline and 4.19+
> >>
> >> These are for i40e driver for Intel.
> >>
> >> The kernel team would like to know whether their backporting is needed or
> not.
> >>
> >> For details of those CVE checking results, please see the following.
> >> https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/merge_requ
> >> ests/75/diffs
> >>
> >> Regarding the discussion of the IRC meeting, please see the following.
> >> https://irclogs.baserock.org/meetings/cip/2020/10/cip.2020-10-08-09.0
> >> 0.log.html
> >>
> >> Best regards,
> >> --
> >> M. Kudo
> 
> --
> Siemens AG, T RDA IOT
> Corporate Competence Center Embedded Linux

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5518): https://lists.cip-project.org/g/cip-dev/message/5518
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [cip-dev] Backporting of security patches for Intel i40e drivers required?
  2020-10-09  7:24   ` Jan Kiszka
  2020-10-12  9:27     ` masashi.kudo
@ 2020-10-14 14:13     ` Pavel Machek
  2020-10-14 14:55       ` Chen-Yu Tsai (Moxa)
  1 sibling, 1 reply; 6+ messages in thread
From: Pavel Machek @ 2020-10-14 14:13 UTC (permalink / raw)
  To: Jan Kiszka, wens; +Cc: nobuhiro1.iwamatsu, cip-dev

[-- Attachment #1.1: Type: text/plain, Size: 1441 bytes --]

Hi!

> given the exposure of such a device but also the fact that I can't tell
> for sure if/where it's used (not only by us), I would recommend backporting.

> > There are multiple patches fixed for 4.19, which can be separated by feature.
> > 
> >  - i40e: add num_vectors checker in iwarp handler
> > 
> >      This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
> >      e3219ce6a7754 is not included in 4.4.y and can be ignored.

It is interesting this one is listed in both CVE-145, CVE-147 in
cip-kernel-sec. Is that an error?

> >  - i40e: Wrong truncation from u16 to u8
> >    This can be apply in 4.4.y.
> > 
> >  - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
> > 
> >    This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter").
> >    It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied.

I see also

- i40e: Set RX_ONLY mode for unicast promiscuous on VLAN

which apparently allows people to listen to packets they should not
see. But I assume this requires elevated priviledges to begin with...

Best regards,
                                                                Pavel
--
DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany


[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5577): https://lists.cip-project.org/g/cip-dev/message/5577
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [cip-dev] Backporting of security patches for Intel i40e drivers required?
  2020-10-14 14:13     ` Pavel Machek
@ 2020-10-14 14:55       ` Chen-Yu Tsai (Moxa)
  0 siblings, 0 replies; 6+ messages in thread
From: Chen-Yu Tsai (Moxa) @ 2020-10-14 14:55 UTC (permalink / raw)
  To: Pavel Machek; +Cc: Jan Kiszka, Nobuhiro Iwamatsu, cip-dev


[-- Attachment #1: Type: text/plain, Size: 1918 bytes --]

On Wed, Oct 14, 2020 at 10:14 PM Pavel Machek <pavel@denx.de> wrote:
>
> Hi!
>
> > given the exposure of such a device but also the fact that I can't tell
> > for sure if/where it's used (not only by us), I would recommend backporting.
>
> > > There are multiple patches fixed for 4.19, which can be separated by feature.
> > >
> > >  - i40e: add num_vectors checker in iwarp handler
> > >
> > >      This issue has been produced by e3219ce6a7754 ("i40e: Add support for client interface for IWARP driver").
> > >      e3219ce6a7754 is not included in 4.4.y and can be ignored.
>
> It is interesting this one is listed in both CVE-145, CVE-147 in
> cip-kernel-sec. Is that an error?

Given that Intel's security notice did not state which patches fixed which
issues, nor which commits caused them, I tried to guess which patch fixed
which issue, based solely on their descriptions. Then I looked at the history
of the driver to see which commit the patches fixed.

Grouping by feature is probably a better way to determine if the backport
is required or not.

ChenYu

> > >  - i40e: Wrong truncation from u16 to u8
> > >    This can be apply in 4.4.y.
> > >
> > >  - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c
> > >
> > >    This issue has been produced by e284fc280473b ("i40e: Add and delete cloud filter").
> > >    It is not included in 4.4.y. However, this patch has several different fixes, so some patches need to be applied.
>
> I see also
>
> - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN
>
> which apparently allows people to listen to packets they should not
> see. But I assume this requires elevated priviledges to begin with...
>
> Best regards,
>                                                                 Pavel
> --
> DENX Software Engineering GmbH,      Managing Director: Wolfgang Denk
> HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
>

[-- Attachment #2: Type: text/plain, Size: 420 bytes --]


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5578): https://lists.cip-project.org/g/cip-dev/message/5578
Mute This Topic: https://lists.cip-project.org/mt/77380165/4520388
Group Owner: cip-dev+owner@lists.cip-project.org
Unsubscribe: https://lists.cip-project.org/g/cip-dev/leave/8129055/727948398/xyzzy [cip-dev@archiver.kernel.org]
-=-=-=-=-=-=-=-=-=-=-=-


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-08  9:42 [cip-dev] Backporting of security patches for Intel i40e drivers required? masashi.kudo
2020-10-09  0:23 ` Nobuhiro Iwamatsu
2020-10-09  7:24   ` Jan Kiszka
2020-10-12  9:27     ` masashi.kudo
2020-10-14 14:13     ` Pavel Machek
2020-10-14 14:55       ` Chen-Yu Tsai (Moxa)

CIP-dev Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/cip-dev/0 cip-dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 cip-dev cip-dev/ https://lore.kernel.org/cip-dev \
		cip-dev@lists.cip-project.org
	public-inbox-index cip-dev

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.cip-project.lists.cip-dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git